Dodd-Frank: Frankly, my dear, you should give a damn

It's only about five weeks until compliance officers the world over are bracing themselves for an impossible task, says Nigel Cannings

Wall Street impact S Borisov

The Dodd–Frank Wall Street Reform and Consumer Protection Act was brought in to try to avoid some of the issues surrounding the meltdown in the global economy in 2008. When the world was looking for a scapegoat, a large finger was pointed at OTC Derivatives trading, especially swaps. Dodd-Frank seeks to put in place significant reforms to regulate the market and protect the participants in the swap trades.
Of all the many facets of protection that are being proposed, my particular area of interest is in the record-keeping side. Doesn’t that sound dull? On the face of it, that is probably true, but it is one of the areas that has created the most headaches, and which has set a herculean task for financial services firms and their IT suppliers.
There are three things that are causing an issue: What has to be stored, how it has to be stored, and most painfully, how it has to be retrieved.

Be ready for the regulator

Put simply, any communication that relates to the making of a trade, as well as any post-trade documentation, needs to be retained. And made available pretty much on demand to a regulator.
“Communication” for these purposes includes my old friend the telephone conversation, but also covers all sorts of other hard to capture things like text messages, cell phone calls and IM. Recent regulations bring in commodities transactions as well as those involving equities.
In the UK, firms have had experience of what this means. It means significant cost, infrastructure changes and in the case of cell phone recording, unsatisfactory first-generation technology with issues of dropped and missed calls.
Despite protestations from industry bodies like SIFMA, this has pretty much fallen on deaf ears in the US, the attitude being that if the regulations exist (and everyone has the same problems...) a technological solution will have to be found. The regulatory version of a Field of Dreams.

1 April is D-Day

From 1st April (following a final, final CFTC No Action Letter at the end of October last year), this data needs to be kept, and it needs to be available.
Actually, collecting the data can (with the exception of cell phone calls) be done fairly easily. E-mail is usually kept anyway in a corporate vault like Symantec’s Enterprise Vault, IM can be harvested and stored in a similar way, and as most firms use IP based telephone and trading systems, the data can be plucked from the network and stored with relative ease. Also, as the number of affected traders in most instances is a sub-set of total traders in any given organisation, it is a step-change, rather than a sea-change. I could have a couple of people in with a server next week that would do the job….

Slightly trickier is how the data is stored. Under s1.31 of the Commodity Exchange Act, all electronic records need to be kept “exclusively in a non-rewritable, non-erasable format”. Bet your “cloudy“ provider will find that a challenge, especially as the records need to be kept on-site in any event. There are software solutions that claim they meet this requirement, but my recommendation is to make sure you have some WORM-type storage (LT06 Tapes are now surprisingly good) ready and waiting.

The real nightmare

But I have saved the real nightmare until last. Records have to be available on a daily basis, and they have to be accessible by transaction and counterparty. Simple, huh?

There are two big problems. First, until a swap is concluded,it doesn’t have a unique number (known as a USI or Unique Swap Identifier), so you have to try to dissect from your records communications that come from each side of the transaction, and which only relate to that transaction. That is the mother of all search tasks, as you have to first find a pool of communications between the parties who might potentially be involved in the trade, and then find the relevant communications about that trade.

But the second problem is the killer. Caller ID, or the lack thereof. Something like 43 per cent of all incoming phone calls to financial institutions have no caller ID associated with them. No caller ID, no party identification, no automatic way of sifting through the calls. It has been suggested that voice indexing is the answer to search for relevant keywords (and I support, that although perhaps not the $4 million price tag quoted to the CFTC), but it is not the answer. The only way is by “fingerprinting” the incoming callers’ voices to establish identity. No, it’s not science fiction, and yes, it’s the only way you stand a chance of complying.

Finally, you have to show the communications on a timeline. I’ve seen a few fancy demos showing the ability to meet the regulations, with some very nice (graphical) timelines as well. I can tell you that there is currently no fully automated way that you can comply. There are, however, tools that can help you comply. Think “case management” and “e-discovery”, and you are on the right track.

But where there is new regulation, people smell quick cash. And there is nothing a snake oil salesman likes more than quick cash…